package com.miao.elm.config;//package com.miao.elm.config;
//
//import com.miao.elm.realm.UserRealm;
//import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
//import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
//import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
//import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//
//import java.util.LinkedHashMap;
//import java.util.Map;
//
//
//@Configuration
//public class ShiroConfig {
//
//    //Realm是用户的信息认证器和用户的权限认证器，我们需要自己来实现Realm来自定义的管理我们自己系统内部的权限规则
//    @Bean
//    public UserRealm userRealm(){
//        return new UserRealm();
//    }
//
//    //SecurityManager要验证用户，需要从Realm中获取用户，可以把Realm看做是数据源
//    @Bean
//    public DefaultWebSecurityManager securityManager(){
//        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//        //注入Realm
//        securityManager.setRealm(userRealm());
//        return securityManager;
//    }
//
//    @Bean
//    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){
//        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//        shiroFilterFactoryBean.setSecurityManager(securityManager());
//
//        shiroFilterFactoryBean.setLoginUrl("/LoginController/login");
//        shiroFilterFactoryBean.setSuccessUrl("/");
//        Map<String, String> map = new LinkedHashMap<>();
//        //放行跨域
//        map.put("/**", "cors,authc");
//        //允许匿名访问
//        map.put("/login", "anon");
//        //进行身份认证后才能访问
//        map.put("/**", "authc");
//        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
//        return shiroFilterFactoryBean;
//    }
//
//    @Bean
//    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager){
//        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
//        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
//        return authorizationAttributeSourceAdvisor;
//    }
//
//    @Bean
//    public DefaultWebSessionManager sessionManager() {
//        DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
//        defaultWebSessionManager.setSessionIdUrlRewritingEnabled(false);
//        return defaultWebSessionManager;
//    }
//
//}

